OpenWRT is vulnerable to attacks that execute malicious code

We posted the following several days ago:

New OpenWRT vulnerability? No.

The security vulnerability CVE-2020-7982 is publicly known since early February 2020. Somehow, some bloggers re-discovered the vulnerability this week and started to warn users.

However, the vulnerability was fixed more than 1 month ago, see https://chaos.social/@infosechandbook/103588009747917424.

Turris Omnia users: This was fixed in Turris OS 3.11.14, released on Feb 5, 2020.

Obviously, Ars Technica re-discovered the vulnerability, too.

1 Like